December 9

WEBINAR TAKEAWAY: When the Bad Guys Hide in Plain Sight: Hacking Platforms You Know and Trust

0  comments

file

MY KEY TAKEAWAYS

  • already 20 years ago, Kevin Mitnick testified before US Senate and highlighted social engineering and the need for training. Still today changing human behaviour is most times the weakest point.
  • threat actors have almost unlimited time to do extensive research before an attack, so they are extremly good at buidling the trust factor
  • Kevin recommends: trust your gut! If it sounds too good to be true, it possibly is.
  • A crafty attacker tries to push the victim into system 1 thinking. To force yourself to remain in system 2, is a very effective defense mechanism against social engineering.
  • While Trump was in hospital with COVID19, it created an information vaccum = working phish bait
  • Common phishing tactic: link to trusted sources like Google Docs or O365. Document might contain hyperlink to malware.
  • Having a good and tested(!) desaster recovery plan is cruicial with more and more ransomware attacks

Demo time

ENV


Tags

awareness training, phishing, social engineering


You may also like

Webinar takeaway – Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse

Webinar takeaway – Nuclear Ransomware 3.0: We Thought It Was Bad and Then It Got Even Worse

Event takeaway: Layer8 Conference

Event takeaway: Layer8 Conference
{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}